Prevent brute force attacks by enforcing a strong password policy.
def register_user(username, password) do
  User.changeset(%User{}, %{username: username, password: password})
  |> Repo.insert()
end
This Elixir function allows a user to register with any password, regardless of its length or complexity. This makes it easy for an attacker to guess weak passwords.
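# In the User schema module (requires `import Ecto.Changeset`)
def changeset(user, attrs) do
  user
  |> cast(attrs, [:username, :password])
  # validate_length/3 and validate_format/4 are skipped when the field has
  # no change, so a missing password must be rejected explicitly.
  |> validate_required([:username, :password])
  |> validate_length(:password, min: 8)
  |> validate_format(:password, ~r/[a-z]/, message: "must include a lower-case letter")
  |> validate_format(:password, ~r/[A-Z]/, message: "must include an upper-case letter")
  |> validate_format(:password, ~r/[0-9]/, message: "must include a number")
end

# Repo.insert/1 returns {:error, changeset} when any validation above fails
def register_user(username, password) do
  User.changeset(%User{}, %{username: username, password: password})
  |> Repo.insert()
end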
This Elixir function enforces a strong password policy during user registration. The password must be at least 8 characters long and include a lower-case letter, an upper-case letter, and a number.
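The policy above can be exercised without a database. The following is an added example, not code from the original page: it applies the same rules through a schemaless Ecto changeset and reports which constructed sample passwords are rejected and why, including the case where no password is submitted at all. The module name `PasswordPolicyDemo`, the `check/1` helper and the sample inputs are assumptions for illustration, and it is meant to be run inside a Mix project that has Ecto as a dependency (for example from `iex -S mix`).

```elixir
defmodule PasswordPolicyDemo do
  # Added example: schemaless changeset, so no Repo or schema module is needed.
  import Ecto.Changeset

  @types %{username: :string, password: :string}

  # Same rules as the changeset on this page. validate_required/2 is what
  # rejects a missing or empty password: the length and format validators
  # only run when the field actually has a change.
  def changeset(attrs) do
    {%{}, @types}
    |> cast(attrs, Map.keys(@types))
    |> validate_required([:username, :password])
    |> validate_length(:password, min: 8)
    |> validate_format(:password, ~r/[a-z]/, message: "must include a lower-case letter")
    |> validate_format(:password, ~r/[A-Z]/, message: "must include an upper-case letter")
    |> validate_format(:password, ~r/[0-9]/, message: "must include a number")
  end

  # Returns :ok, or {:error, errors} where errors maps each field to its messages.
  def check(attrs) do
    cs = changeset(attrs)

    if cs.valid? do
      :ok
    else
      errors =
        traverse_errors(cs, fn {msg, opts} ->
          # Fill placeholders such as %{count} in the default messages.
          Enum.reduce(opts, msg, fn {key, value}, acc ->
            String.replace(acc, "%{#{key}}", to_string(value))
          end)
        end)

      {:error, errors}
    end
  end
end

# Constructed sample registrations (not real credentials).
samples = [
  %{username: "alice", password: "password"},      # long enough, one character class
  %{username: "alice", password: "Sh0rt"},         # all classes, too short
  %{username: "alice", password: "Correct1Horse"}, # satisfies every rule
  %{username: "alice", password: ""},              # empty string is cast to nil
  %{username: "alice"}                             # password not submitted
]

for attrs <- samples do
  IO.inspect({attrs[:password], PasswordPolicyDemo.check(attrs)})
end
```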